diff options
-rw-r--r-- | packages/squid.xml | 25 |
1 files changed, 20 insertions, 5 deletions
diff --git a/packages/squid.xml b/packages/squid.xml index 6a5bebda..36ae5cc9 100644 --- a/packages/squid.xml +++ b/packages/squid.xml @@ -9,12 +9,27 @@ <custom_php_install_command> echo "<pre>"; system("/bin/mkdir /usr/local/etc/squid"); + $lancfg = $config['interfaces']['lan']; + $lanif = $lancfg['if']; + $lanip = $lancfg['ipaddr']; + $lansa = gen_subnet($lancfg['ipaddr'], $lancfg['subnet']); + $lansn = $lancfg['subnet']; + $netmask = ""; $fout = fopen("/usr/local/etc/squid/squid.conf","w"); - fwrite($fout, "http_port 127.0.0.1:3128\n"); - fwrite($fout, "http_access deny to_localhost\n"); - fwrite($fout, "acl our_networks src 10.0.0.0/8\n"); - fwrite($fout, "http_access allow our_networks\n"); - fwrite($fout, "visible_hostname insomnia.benzedrine.cx\n"); + fwrite($fout, "# cat squid.conf\n"); + fwrite($fout, "http_port 3128\n"); + fwrite($fout, "icp_port 0\n"); + fwrite($fout, "acl localnet src " . $lansa . "/" . $lansn . "\n"); + fwrite($fout, "acl all src " . $lansa . "/" . $lansn . "\n"); + fwrite($fout, "acl localhost src 127.0.0.1/255.255.255.255\n"); + fwrite($fout, "acl Safe_ports port 80 443 210 119 70 21 1025-65535\n"); + fwrite($fout, "acl CONNECT method CONNECT\n"); + fwrite($fout, "http_access allow localnet\n"); + fwrite($fout, "http_access allow localhost\n"); + fwrite($fout, "http_access deny !Safe_ports\n"); + fwrite($fout, "http_access deny CONNECT\n"); + fwrite($fout, "http_access deny all\n"); + fwrite($fout, "visible_hostname pfSense\n"); fwrite($fout, "httpd_accel_host virtual\n"); fwrite($fout, "httpd_accel_port 80\n"); fwrite($fout, "httpd_accel_with_proxy on\n"); |